Route Origin Authorization

$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/4d4df828-87d0-400e-bee0-4cd343ba4776.roa
File:                     4d4df828-87d0-400e-bee0-4cd343ba4776.roa (raw, json)
Hash identifier:          4Y1k9k9EURo4yFIbFBM+rSQNLtXXoYFO9qn0X13G2t8=
Subject key identifier:   53:95:29:0C:93:A1:44:F6:35:A6:CC:DB:2F:2A:08:75:29:48:AD:57
Certificate issuer:       /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial:       56D0432BDABAE3D23C39E782C8E70BADC8D483B8
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access:    rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access:      rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/4d4df828-87d0-400e-bee0-4cd343ba4776.roa
Signing time:             Tue 18 Mar 2025 00:31:49 +0000
ROA not before:           Tue 18 Mar 2025 00:31:49 +0000
ROA not after:            Tue 22 Apr 2025 23:59:59 +0000
asID:                     16509
IP address blocks:        50.18.64.0/18 maxlen: 18
Validation:               Failed, unable to get local issuer certificate

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            56:d0:43:2b:da:ba:e3:d2:3c:39:e7:82:c8:e7:0b:ad:c8:d4:83:b8
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
        Validity
            Not Before: Mar 18 00:31:49 2025 GMT
            Not After : Apr 22 23:59:59 2025 GMT
        Subject: CN=b25c970f-d813-445c-bfe2-62668518c87e
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:e1:dd:be:77:ae:90:29:0e:47:0b:12:a4:3a:3b:
                    27:e4:5f:74:2e:9a:72:c1:3d:d3:65:96:5b:d4:33:
                    93:75:d1:15:02:b4:5b:45:2e:7d:20:7a:a4:ab:e0:
                    5a:1d:fb:4c:37:10:2c:fd:cd:f3:55:d8:e4:0c:e0:
                    5b:41:85:14:da:f7:c2:e3:51:67:68:a2:0f:c6:a8:
                    86:b0:d9:71:3c:55:48:d4:7d:e9:ae:42:40:99:90:
                    57:2a:cf:08:7c:33:ee:81:af:d0:de:7a:c5:9b:60:
                    8a:18:3b:9b:a3:f0:0b:1c:35:4f:27:e3:e3:8a:4e:
                    d6:7d:17:c0:9f:c2:8f:1c:99:fb:e2:6f:3f:bf:ef:
                    7b:85:b9:fd:e3:88:a7:a8:68:1f:a6:63:b8:56:3e:
                    67:c3:5a:77:d5:c6:ba:9c:73:b0:b6:4c:fa:89:76:
                    82:ab:b8:43:8f:d0:60:fa:a4:6d:be:cd:cb:15:45:
                    22:fb:8f:a9:80:9a:ea:a4:3a:5d:14:28:e6:89:7b:
                    c8:d8:c9:a8:92:e4:f0:25:26:39:4b:a9:c8:68:50:
                    e2:31:df:f8:79:21:b8:6b:4c:59:b0:b3:a1:d5:c7:
                    ca:4b:c1:aa:6a:e2:24:5f:28:df:b8:71:6e:9b:04:
                    4e:94:a3:ce:44:c2:62:0c:90:2a:6d:c3:41:84:cc:
                    b2:71
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                53:95:29:0C:93:A1:44:F6:35:A6:CC:DB:2F:2A:08:75:29:48:AD:57
            X509v3 Authority Key Identifier:
                keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/4d4df828-87d0-400e-bee0-4cd343ba4776.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  50.18.64.0/18

    Signature Algorithm: sha256WithRSAEncryption
         31:75:a2:56:c4:8e:a9:1c:6f:85:59:02:3b:4c:73:b6:6a:98:
         38:88:23:68:77:fe:0c:74:86:ad:08:43:f5:a4:89:55:9a:28:
         72:f0:97:f5:12:25:70:de:5f:0d:84:28:6e:8d:2f:7b:2b:43:
         08:00:d5:e7:ec:6b:9b:48:ba:e8:d7:e5:70:84:95:a8:53:da:
         0d:fc:53:04:86:78:fa:b1:48:ad:b5:e4:07:36:f1:a1:df:aa:
         35:08:4c:46:1e:46:10:45:8f:58:61:3f:c8:74:70:0b:86:09:
         19:96:90:e4:64:f3:eb:ab:5f:19:c9:b2:d4:c4:63:c3:e2:8e:
         5f:61:05:5d:60:8f:1c:36:c5:f6:ba:a9:8c:f5:56:6b:b4:78:
         4e:c0:ce:fa:09:b1:88:c7:99:d9:0b:4f:b0:47:91:ce:1c:3f:
         e1:ae:47:74:d7:f2:63:e6:66:d8:16:d3:82:7c:da:a6:cd:24:
         ac:b0:ff:8f:1a:09:20:c3:b1:65:86:9a:95:3e:61:57:84:1a:
         25:5a:65:42:be:b1:f4:03:25:fc:6d:e2:49:ff:0e:44:e3:8f:
         04:15:96:46:e8:23:64:80:3f:cb:3c:4e:bd:12:f1:cf:db:49:
         5b:be:fe:20:f7:d5:32:36:6f:93:ac:5d:34:cc:cb:6b:0a:19:
         5f:ea:0f:e2
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUVtBDK9q649I8OeeCyOcLrcjUg7gwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMzE4MDAzMTQ5WhcNMjUwNDIyMjM1OTU5
WjB6MUkwRwYDVQQFE0A3YWI3N2ViZmIwNTEwZDgzODNlZDliYTAyODY4MjFjOTVi
NTBjMmE3MzU1ZWIyYzczODQzMGI5NzdiNmY1MDQ1MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDh3b53rpApDkcLEqQ6OyfkX3QumnLBPdNlllvUM5N10RUC
tFtFLn0geqSr4Fod+0w3ECz9zfNV2OQM4FtBhRTa98LjUWdoog/GqIaw2XE8VUjU
femuQkCZkFcqzwh8M+6Br9DeesWbYIoYO5uj8AscNU8n4+OKTtZ9F8Cfwo8cmfvi
bz+/73uFuf3jiKeoaB+mY7hWPmfDWnfVxrqcc7C2TPqJdoKruEOP0GD6pG2+zcsV
RSL7j6mAmuqkOl0UKOaJe8jYyaiS5PAlJjlLqchoUOIx3/h5IbhrTFmws6HVx8pL
wapq4iRfKN+4cW6bBE6Uo85EwmIMkCptw0GEzLJxAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUU5UpDJOhRPY1pszbLyoIdSlIrVcwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzRkNGRmODI4LTg3ZDAtNDAwZS1iZWUwLTRjZDM0M2JhNDc3Ni5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAYyEkAwDQYJKoZIhvcNAQELBQADggEBADF1olbEjqkcb4VZAjtMc7ZqmDiI
I2h3/gx0hq0IQ/WkiVWaKHLwl/USJXDeXw2EKG6NL3srQwgA1efsa5tIuujX5XCE
lahT2g38UwSGePqxSK215Ac28aHfqjUITEYeRhBFj1hhP8h0cAuGCRmWkORk8+ur
XxnJstTEY8Pijl9hBV1gjxw2xfa6qYz1Vmu0eE7AzvoJsYjHmdkLT7BHkc4cP+Gu
R3TX8mPmZtgW04J82qbNJKyw/48aCSDDsWWGmpU+YVeEGiVaZUK+sfQDJfxt4kn/
DkTjjwQVlkboI2SAP8s8Tr0S8c/bSVu+/iD31TI2b5OsXTTMy2sKGV/qD+I=
-----END CERTIFICATE-----